On Mon, Mar 25, 2013 at 12:42 PM, Guido Berhoerster
One of the reasons why sudo is also encouraged is logging. On a shared computer, it is relatively trivial to log every command executed via sudo and then aggregate that information via e.g. logwatch or logcheck or any number of monitoring solutions. For this reason, it might be advisable to actually specifically disallow sudo su, since that circumvents said measures, basically using sudo once to gain a root shell, in which you can go crazy.
Yes, but sometimes it is necessary. For instance, when piping.
sudo blabla | grep bleh > /etc/somefile
won't work, because the redirect happens in an unprivileged bash. And doing sudo bash -c 'all here' is a mess of string quoting that never comes out right.
sudo blabla | grep bleh | sudo tee /etc/somefile >/dev/null
is a well-known idiom for addressing this (and other redirections requiring root privileges).
Cool. Always learning. One less reason to use sudo su. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org